Today's exploit comes to us from Adobe Acrobat Reader. It looks as though there are a couple of backdoors in even the fully patched and latest versions. A British security researcher has figured out a way to manipulate legitimate features in Adobe PDF files to open back doors for computer attacks.  David Kierznowski, a penetration testing expert specializing in Web application testing, has released proof-of-concept code and rigged PDF files to demonstrate how the Adobe Reader program could be used to launch attacks without any user action.

The first back door (PDF), which eWEEK confirmed on a fully patched version of Adobe Reader, involves adding a malicious link to a PDF file. Once the document is opened, the target's browser is automatically launched and loads the embedded link.  At this point, it is obvious that any malicious code [can] be launched," Kierznowski said. The use of Web-based exploits to launch drive-by malware downloads is a well-known tactic and the discovery of PDF back doors is further confirmation that desktop programs have become lucrative targets for corporate espionage and other targeted attacks.

A second back door demo (PDF) presents an attack scenario that uses Adobe Systems' ADBC (Adobe Database Connectivity) and Web Services support. Kierznowski said the back door can be used to exploit a fully patched version of Adobe Professional. "The second attack accesses the Windows ODBC (on localhost), enumerates available databases and then sends this information to 'localhost' via the Web service. This attack could be expanded to perform actual database queries. Imagine attackers accessing your internal databases via a user's Web browser," he said.